Caerphilly, Mid Glamorgan, United Kingdom Hybrid / WFH Options
CENTERPRISE INTERNATIONAL LIMITED
teams. Familiarity with ITIL framework and experience in a structured support environment. Expert knowledge of Windows 10/11, Microsoft 365, Intune, Autopilot, Azure AD, Group Policy, Intune Configuration policies and Sentinel. Server Technologies: Virtualisation, particularly Proxmox or Microsoft Hyper-V, Microsoft Windows Server 2012 through to 2022. … Public Cloud Solutions: Azure or AWS solution implementation, migration, and support. Exposure to Firewalls - Sophos, Cisco, Fortinet and pfSense. Network Technologies: LAN/WLAN/WAN. Solid understanding of networking principles (DNS, DHCP, VPNs) and security best practices. Hands-on expertise in PowerShell scripting for automation and
Intrusion Analyst (GCIA) GIAC Network Forensic Analyst (GNFA) GIAC Cloud Threat Detection (GCTD) GIAC Cloud Forensics Responder (GCFR) CISSP Certification Experience with Microsoft Sentinel 6+ years of supervising and/or managing teams 8+ years of intrusion detection and/or incident handling experience Ability to analyze new … Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc) and able to utilize it in their analysis workflow Experience with Cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiar with cloud threat landscape Experience with FBI, DHS, IC, and DoD Networks. Experience with configuring and operating cybersecurity
MPO). We are seeking a large number of professionals from junior (2+ years) through senior levels (12+ years) with the following experience: Azure Skills • Identity planning, design, implementation • Azure deployments (identity and Sync, possibly some networking) • Azure security - Sentinel and Defender … as available • Review Policy from governance and policy for Azure O365 Skills • O365 Implementation/configuration • Define Governance and Policy changes Benefits: - Paid Time Off (PTO) - Holiday Pay - 401k - Top tier health, dental, vision etc. insurance - Professional development and training - Career advancement - Performance bonuses - Referral bonuses
timeframe. We are seeking a large number of professionals from junior (2+ years) through senior levels (12+ years) with the following experience: Azure Skills • Identity planning, design, implementation • Azure deployments (identity and Sync, possibly some networking) • Azure security - Sentinel and Defender as … available • Review Policy from governance and policy for Azure O365 Skills • O365 Implementation/configuration • Define Governance and Policy changes For W2 positions, we offer the following: - Salary range: $105,000 - $247,000 per year (based on years of relevant experience) - Paid Time Off (PTO) - Holiday Pay - 401k
Cyber Kill Chain, Diamond Model, MITRE ATT&CK, etc) and able to utilize it in their analysis workflow Experience with Cloud (e.g. o365, Azure, AWS, etc) security monitoring and familiar with cloud threat landscape Experience with at least 3 of these tools: ARMIS; Cloudflare; Trellix Security: Cloud/… Data/Email/Endpoint/Network Security; Threat Intelligence; SIEM; Microsoft Azure/Defender/Sentinel; RSA NetWitness Logs and Packets; Rapid 7 Nexpose/App Spider; Stealthwatch Netflow; Tenable IO/Web App Scanning; Varonis Data Protection; XACTA 360/IO
and a lean working methodology. Language Proficiency: Professional working proficiency in English. Desired: Cloud and SaaS Experience: Experience with cloud ecosystems (e.g., AWS, Azure, GCP) and distributed component SaaS platforms. Programming Languages: Proficiency in one or more of the following programming languages: Java, C, JavaScript, Python. Data Extraction … expressions for data extraction and parsing. Security and Log Management Tools: Experience with security information and event management (SIEM) products like Splunk, QRadar, Sentinel, Chronicle, etc, is highly desirable. Data Visualization and Monitoring: Familiarity with data visualization and monitoring tools, such as Power BI, Grafana, Dynatrace, Prometheus, etc.
Job Description: Identify threat tactics, methodologies, gaps, and shortfalls aligned with the MITRE ATT&CK Framework and the Azure Threat Research Matrix (ATRM). Perform Hypothesis-based or Intelligence-based Cyber Threat Hunts to identify threats and risks within environments. Use cloud-native techniques and methods to identify … secure facilities. Desired Skills: Proficiency with at least Python, PowerShell, or bash. Proficiency in using query languages used in popular SIEM products (Splunk, Sentinel). Experience with producing finished intelligence content on threat actors and attacker techniques including written reports, presentations, and visuals covering attribution, threat detection and
security controls, policies and technologies effectively protect the organisation's assets, infrastructure and data. They are using the MS Security Stack including Defender, Sentinel and Entra ID, and are very ahead-of-the-curve in their respective sector. The ideal candidate will have come from a hands-on … UK, with travel into London around once or twice a month (expenses-paid). Responsibilities: Implement and manage security controls for Microsoft and Azure infrastructure. Lead vulnerability management and incident response. Enhance security monitoring and IAM with Microsoft tools. Drive security architecture and ensure endpoint security. Support M … maintain compliance. Requirements: Experience in a Cyber Security leadership-level role Proven experience with the MS Security Stack including Defender (Endpoint, Identity, Cloud), Sentinel (SIEM), Entra ID Security Features, and Purview Knowledge of Azure Security controls, including Azure Firewall, Key Vault, Conditional Access, and
Qualifications include: 5 years of experience performing threat hunts & incident response activities for cloud-based and non-cloud-based environments, such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Zscaler 5 years of experience performing hypothesis-based threat hunt & incident response utilizing Splunk Enterprise Security. 5 years … systems using EDR agents (e.g. CrowdStrike) and custom scripts (e.g. Sysmon & Auditd) 5 years of experience with the following threat hunting tools: Microsoft Sentinel for threat hunting within Microsoft Azure; Tenable Nessus and SYN/ACK for vulnerability management; NetScout for analyzing network traffic flow; SPUR.us … e.g., HEAT or Service Now), for threat hunt support. Threat hunt targets include cloud-based and non-cloud-based applications such as: Microsoft Azure, Microsoft O365, Microsoft Active Directory, and Cloud Access Security Brokers (i.e., Zscaler). Review and analyze risk-based Security information and event management (SIEM
Threat Detection - Specializing in SIEM tools to identify anomalies across cloud and data center environments, while developing and maintaining security monitoring during the Azure transition. Incident Response & Threat Hunting - Assisting in containment, eradication, and recovery of incidents, proactively hunting for threats, and mitigating operational risks. Risk & Threat Management … of IT domains like OS, databases, networks, or applications It's a bonus if you have: Qualifications in Cyber Security Knowledge of Microsoft Sentinel and Microsoft Azure (including certifications such as AZ-900, SC-900, SC-200 or AZ-500) If this role is of interest
Citi's Cloud Incident Response (Cloud IR) team seeks a Senior Vice President of Microsoft 365 (M365) and Azure Incident Response to lead and oversee the organization's incident response operations within the M365 environment. You will work closely with stakeholders to ensure effective security incident response with … organization through critical security challenges within the M365 ecosystem. Responsibilities: Own and lead Citi's response to security incidents in our M365 and Azure platforms Build and sustain a high-performing security operations team skilled in managing M365 incidents Collaborate with relevant engineering teams to gain an in … depth and accurate understanding of Citi's M365 landscape Proactively identify gaps in M365/Azure Incident Response capabilities (processes, procedures and playbooks) and take ownership to deliver and mature these continually Ensure readiness for various incident response scenarios based on historical data but also proactively identifying new
Configure, manage, and maintain firewalls (SonicWall, pfSense, Palo Alto) to ensure uptime and network security. In coordination with network team, deploy and optimize Azure ExpressRoute, Azure Gateways, IPsec VPNs, and SD-WAN for hybrid cloud integration. Troubleshoot network performance issues and implement solutions for high … availability. Monitor and respond to security threats using SIEM solutions (Microsoft Sentinel, AWS Security Hub). Implement and maintain Zero Trust Architecture, VLANs, BGP, and DNS configurations. Work closely with cloud and security teams to implement secure endpoints, transport mechanisms and access controls. Provide Tier 3 support for … network-related issues and document system changes. Preferred Qualifications Certifications: CCNP Security, SonicWall SNSA, Azure Networking Certification. Strong knowledge of TCP/IP, VLANs, DNS, BGP, SD-WAN, Zero Trust. Experience with firewall technologies, encryption/decryption, packet inspection, tracing, and OS troubleshooting. Familiarity with compliance frameworks (CMMC
Winchester, Hampshire, United Kingdom Hybrid / WFH Options
Evalian
hours support. Stay updated with the latest security threats, vulnerabilities, and trends to improve detection capabilities. Skills & Qualifications Essential: Experience working with Microsoft Sentinel, Defender XDR, and/or other SIEM/XDR solutions. Strong understanding of log collection, parsing, and correlation for security monitoring. Experience in developing … detection rules. Familiarity with automation and integration tools such as Logic Apps, Power Automate, or other SOAR platforms. Knowledge of cloud security, particularly Azure, AWS, and Google Cloud. Excellent documentation skills and process-building capabilities. Great communication skills and ability to work collaboratively in a team. Desirable (Not
Experience with Microsoft Intune and Windows Defender ATP. Experience with Server management including Virtualization. Experience with PowerShell or similar scripting language. Experience with Azure, Active Directory, and Group Policy. Strong Excel skills to support reporting and data analysis duties. Experience with end user technology deployments and upgrades. Experience … Manager Admin Center, Microsoft Mobile Threat Defender (MTD), Microsoft Defender for Office (MDO), Microsoft Security Administration, Microsoft 365, Microsoft Defender for Cloud and Sentinel, Microsoft Office 365, Microsoft Configuration management (service center), Windows Server Admin TS/SCI clearance with the ability to obtain a counter-intelligence polygraph. … Capabilities, deploy complex architectures, coordinating efforts, test and verify solutions, future implementation, Microsoft Intune, Windows Defender ATP, Server management, Virtualization, PowerShell, scripting language, Azure, Active Directory, Group Policy, Excel skills, reporting, data analysis, end user technology deployments, upgrades, Microsoft Endpoint Manager Admin Center, Microsoft Security Administration, Microsoft
architecture. Participates in high-level estimation. About You: Skills & Experience: Experience with architecture frameworks such as TOGAF, Zachman, etc. Established experience with Microsoft Azure organization management such as Contoso, Subscriptions, Landing Zones, Service Principals, Managed Identities, B2C, Entra, Monitor, Roles, Policy, etc. is preferred. Established experience with Microsoft … Azure resources (ACA, ACR, Functions, Logic Apps, Health Data Services, APIM) is preferred. Experience with Microsoft security tools such as Sentinel, WAF, DDoS Protection, Bastion, etc. is preferred. Experience with Amazon Web Services (AWS S3, EC2, Lambda, Step Functions, Event Hub, Log Analytics, IAM, API Gateway … SDLC as per IEC62304 is desired. Experience with end-to-end DevOps (from requirements to implementation to production to operations) tools such as Azure DevOps, GitHub, etc. is desired. Possess an understanding of Risk Management, Disaster Recovery, Business Continuity, IT Security Architecture, and IT Regulatory Compliance. Experience with
Central London, London, United Kingdom Hybrid / WFH Options
Halian Technology Limited
our client's cloud and physical infrastructure by developing and maintaining scalable, proactive security controls, processes, and tools. Key Responsibilities: Secure physical and Microsoft Azure cloud infrastructure using modern, risk-based approaches. Design, implement, and maintain security controls, templates, and baselines for cloud environments. Automate repetitive tasks to enhance … Deploy and manage tools such as Microsoft Defender for Cloud, Defender for Endpoint, and Nessus. Collaborate with our outsourced SOC team to enhance Sentinel SIEM, runbooks, and threat detection. Lead investigations into security incidents and conduct proactive threat hunting. Manage endpoint security, patching, vulnerability scanning, and system hardening. … infrastructure practices. Participate in a 1-in-6 on-call rota after completing probation. Key Requirements: Hands-on knowledge of SIEM platforms (preferably Sentinel), EDR, and vulnerability management. Familiarity with frameworks like Cyber Essentials Plus and ISO 27001. Experience in securing hybrid cloud environments (Microsoft Azure
Reading, Oxfordshire, United Kingdom Hybrid / WFH Options
Locke & Mccloud
hybrid working model with flexibility built in. Technical Skills Proven experience in a SOC Analyst role Hands-on experience with SIEM (ideally Microsoft Sentinel) and EDR tools (preferably Microsoft Defender) Confident configuring and deploying Microsoft Defender and Azure security technologies Understanding of core networking protocols (TCP
Red Team operations. Experience in managing and leading a team of cybersecurity professionals. Experience with operational toolsets that include but not limited to; Azure Security Center, ForeScout, Microsoft Defender Products, Microsoft Sentinel, RSA Archer, Forcepoint, Gigamon, Splunk, Tenable Nessus, Palo Alto, Azure Active Directory
in traditional data center environments (bare metal frames), cloud, and hybrid cloud. The cloud environments we are operating in today are AWS, Microsoft Azure, and Oracle. Requirements Provide solutions requiring analysis and creative use of innovative methods to complex problems by collaborating with subject matter experts and program … enterprise solutions. Contributes to security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations Preferred familiarization with SentinelOne Preferred familiarization with IDS/IPS Solutions Preferred familiarization with MECM Perform other duties as assigned. Preferred Qualifications: Familiarization with Sentinel
as SQL, Lucene, JEXL, or KQL Experience with dashboarding and visualizations such as Power BI, Superset, or Kibana Experience with SOARs such as Sentinel, CORTEX, or X-SOAR, and VMware, ESXi, and vSphere Experience with cloud providers and environments such as Azure, AWS, or Google Cloud
Practical experience with cloud environments, particularly hybrid cloud solutions. Familiarity with private cloud technologies like VMware and public cloud platforms such as Microsoft Azure is essential. A sound understanding of project management methodologies such as Agile, Waterfall, and PRINCE2. Knowledge of cyber attack modelling and breach investigation techniques. … understanding of CSIRT and incident response processes. Experience working with incident response providers is a bonus. Experience with Microsoft Defender products and Microsoft Sentinel is advantageous. Certifications (Desirable but not Essential): CISMP (Advantageous) SC-900, AZ-900 (Advantageous) CISSP, CISM (Advantageous) SC-200, SC-300, SC-400, AZ